rasheedamir
commented
7 years ago I have been thinking that we should always run a nginx webserver in front of tomcat; and terminate SSL connections on it. So, then we don't need to have a tomcat with SSL!
tomcat dockerfile with SSL certificates that can be synched from S3 bucket. We will run consul template to get path or connection string to access the S3 bucket so, that cert can be downloaded; it has to be secure (maybe use vault?)
The idea is that all public facing frontend running apps should have SSL configured for secure communication. So, why not make configurable solution.
If you're using nginx chances are that at least some of the data you're handling is sensitive, and SSL is an easy way to offer your users security.
SSL is one of the most common ways of integrating secure communication on the internet, as it is a mature protocol that is well-supported by every major browser and a number of well-respected organizations provide third party SSL authentication services.
Secure Socket Layer (SSL) is a protocol that provides security for communications between client and server by implementing encrypted data and certificate-based authentication. Technically, the term "SSL" now refers to the Transport Layer ouSecurity (TLS) protocol, which is based on the original SSL specification.